Announcement Announcement Module
Collapse
No announcement yet.
Advisory - Remote Execution Vulnerability in IBM Notes and Domino Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Advisory - Remote Execution Vulnerability in IBM Notes and Domino

    Remote Execution Vulnerability in IBM Notes and Domino

    Severity Rating: Medium
    Systems Affected
    • IBM Notes 9.0.1 and earlier
    • IBM Domino 9.0.1 Interim Fix 2 and earlier
    • IBM Notes and Domino 8.5.x

    Overview
    A vulnerability has been reported in IBM Notes and Domino which could be exploited by a unauthenticated remote attacker to execute arbitrary code.

    Description
    This vulnerability is caused due to use of incorrect gcc options in IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms.Successful exploitation of this vulnerability by a remote attacker could allow him to execute arbitrary code by taking advantage of the absence of NX protection mechanism and placing crafted x86 code on the stack.

    Solution
    Apply appropriate patches as mentioned in the IBM Security Bulletin:

    http://www-01.ibm.com/support/docvie...id=swg21670264
    Vendor Information
    IBM
    http://www-01.ibm.com/support/docvie...id=swg21670264
    References

    Secunia
    http://secunia.com/advisories/cve_re...CVE-2014-0892/

    US-CERT
    https://www.kb.cert.org/vuls/id/350089



    SecurityFocus
    http://www.securityfocus.com/bid/67014/discuss
Tag Cloud Tag Cloud Module
Collapse
Working...
X